RedhatCVELIST:CVE-2019-10194CVE-2019-10194
5.9 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
5.5 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.4%
Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were found to be insufficiently protected. Passwords could be disclosed in log files (if playbooks are run with -v) or in playbooks stored on Metrics or Bastion hosts.
CNA Affected
[
{
"product": "ovirt-engine-metrics",
"vendor": "Red Hat",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
]Related
5.9 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
5.5 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.4%